instavm 0.8.3 → 0.13.0

package/dist/index.js

@@ -31,6 +31,8 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var index_exports = {};
 __export(index_exports, {
+  APIKeysManager: () => APIKeysManager,
+  AuditManager: () => AuditManager,
   AuthenticationError: () => AuthenticationError,
   BrowserError: () => BrowserError,
   BrowserInteractionError: () => BrowserInteractionError,
@@ -39,6 +41,8 @@ __export(index_exports, {
   BrowserSession: () => BrowserSession,
   BrowserSessionError: () => BrowserSessionError,
   BrowserTimeoutError: () => BrowserTimeoutError,
+  ComputerUseManager: () => ComputerUseManager,
+  CustomDomainsManager: () => CustomDomainsManager,
   ElementNotFoundError: () => ElementNotFoundError,
   ExecutionError: () => ExecutionError,
   InstaVM: () => InstaVM,
@@ -47,7 +51,12 @@ __export(index_exports, {
   QuotaExceededError: () => QuotaExceededError,
   RateLimitError: () => RateLimitError,
   SessionError: () => SessionError,
-  UnsupportedOperationError: () => UnsupportedOperationError
+  SharesManager: () => SharesManager,
+  SnapshotsManager: () => SnapshotsManager,
+  UnsupportedOperationError: () => UnsupportedOperationError,
+  VMsManager: () => VMsManager,
+  VolumesManager: () => VolumesManager,
+  WebhooksManager: () => WebhooksManager
 });
 module.exports = __toCommonJS(index_exports);
 
@@ -190,7 +199,7 @@ var HTTPClient = class {
       timeout: config.timeout,
       headers: {
         "Content-Type": "application/json",
-        "User-Agent": "instavm-js-sdk/0.1.0"
+        "User-Agent": "instavm-js-sdk/0.12.0"
       }
     });
     this.setupInterceptors();
@@ -362,6 +371,39 @@ var HTTPClient = class {
       headers
     });
   }
+  /**
+   * PUT request
+   */
+  async put(url, data, headers) {
+    return this.request({
+      method: "PUT",
+      url,
+      data,
+      headers
+    });
+  }
+  /**
+   * PATCH request
+   */
+  async patch(url, data, headers) {
+    return this.request({
+      method: "PATCH",
+      url,
+      data,
+      headers
+    });
+  }
+  /**
+   * OPTIONS request
+   */
+  async options(url, headers, params) {
+    return this.request({
+      method: "OPTIONS",
+      url,
+      headers,
+      params
+    });
+  }
   /**
    * POST request that returns raw binary data (for file downloads)
    */
@@ -928,13 +970,732 @@ var BrowserManager = class {
   }
 };
 
-// src/client/InstaVM.ts
+// src/utils/path.ts
+function encodePathSegment(value) {
+  const segment = String(value);
+  if (segment === "." || segment === "..") {
+    throw new Error("Path traversal not allowed in path segment");
+  }
+  return encodeURIComponent(segment);
+}
+function encodePathSegments(path2) {
+  const segments = path2.replace(/^\/+/, "").split("/").filter((segment) => segment.length > 0 && segment !== ".");
+  if (segments.some((segment) => segment === "..")) {
+    throw new Error("Path traversal not allowed in proxy path");
+  }
+  return segments.map((segment) => encodeURIComponent(segment)).join("/");
+}
+
+// src/client/VMsManager.ts
+var VMsManager = class {
+  constructor(httpClient, local = false) {
+    this.httpClient = httpClient;
+    this.local = local;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async create(payload = {}, wait = true) {
+    this.ensureCloud("VM creation");
+    return this.httpClient.request({
+      method: "POST",
+      url: "/v1/vms",
+      params: { wait },
+      data: payload,
+      headers: { "X-API-Key": this.httpClient.apiKey }
+    });
+  }
+  async list() {
+    this.ensureCloud("VM listing");
+    return this.httpClient.get(
+      "/v1/vms",
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async listAll() {
+    return this.listAllRecords();
+  }
+  /**
+   * Calls GET /v1/vms/ (trailing slash), a distinct route from GET /v1/vms.
+   */
+  async listAllRecords() {
+    this.ensureCloud("VM listing");
+    return this.httpClient.get(
+      "/v1/vms/",
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async get(itemId) {
+    this.ensureCloud("VM lookup");
+    const safeItemId = encodePathSegment(itemId);
+    return this.httpClient.get(
+      `/v1/vms/${safeItemId}`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async update(vmId, payload = {}) {
+    this.ensureCloud("VM update");
+    const safeVmId = encodePathSegment(vmId);
+    return this.httpClient.patch(
+      `/v1/vms/${safeVmId}`,
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async delete(vmId) {
+    this.ensureCloud("VM deletion");
+    const safeVmId = encodePathSegment(vmId);
+    return this.httpClient.delete(
+      `/v1/vms/${safeVmId}`,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async clone(vmId, payload = {}, wait = true) {
+    this.ensureCloud("VM clone");
+    const safeVmId = encodePathSegment(vmId);
+    return this.httpClient.request({
+      method: "POST",
+      url: `/v1/vms/${safeVmId}/clone`,
+      params: { wait },
+      data: payload,
+      headers: { "X-API-Key": this.httpClient.apiKey }
+    });
+  }
+  async snapshot(vmId, payload = {}, wait = true) {
+    this.ensureCloud("VM snapshot");
+    const safeVmId = encodePathSegment(vmId);
+    return this.httpClient.request({
+      method: "POST",
+      url: `/v1/vms/${safeVmId}/snapshot`,
+      params: { wait },
+      data: payload,
+      headers: { "X-API-Key": this.httpClient.apiKey }
+    });
+  }
+  async mountVolume(vmId, payload, wait = true) {
+    this.ensureCloud("VM volume mount");
+    const safeVmId = encodePathSegment(vmId);
+    return this.httpClient.request({
+      method: "POST",
+      url: `/v1/vms/${safeVmId}/volumes`,
+      params: { wait },
+      data: payload,
+      headers: { "X-API-Key": this.httpClient.apiKey }
+    });
+  }
+  async listVolumes(vmId) {
+    this.ensureCloud("VM volume listing");
+    const safeVmId = encodePathSegment(vmId);
+    return this.httpClient.get(
+      `/v1/vms/${safeVmId}/volumes`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async unmountVolume(vmId, volumeId, mountPath, wait = true) {
+    this.ensureCloud("VM volume unmount");
+    const safeVmId = encodePathSegment(vmId);
+    const safeVolumeId = encodePathSegment(volumeId);
+    return this.httpClient.request({
+      method: "DELETE",
+      url: `/v1/vms/${safeVmId}/volumes/${safeVolumeId}`,
+      params: { mount_path: mountPath, wait },
+      headers: { "X-API-Key": this.httpClient.apiKey }
+    });
+  }
+};
+
+// src/client/SnapshotsManager.ts
+var SnapshotsManager = class {
+  constructor(httpClient, local = false) {
+    this.httpClient = httpClient;
+    this.local = local;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async create(payload) {
+    this.ensureCloud("Snapshot creation");
+    return this.httpClient.post(
+      "/v1/snapshots",
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async list(options = {}) {
+    this.ensureCloud("Snapshot listing");
+    return this.httpClient.get(
+      "/v1/snapshots",
+      options,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async get(snapshotId) {
+    this.ensureCloud("Snapshot lookup");
+    const safeSnapshotId = encodePathSegment(snapshotId);
+    return this.httpClient.get(
+      `/v1/snapshots/${safeSnapshotId}`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async delete(snapshotId) {
+    this.ensureCloud("Snapshot deletion");
+    const safeSnapshotId = encodePathSegment(snapshotId);
+    return this.httpClient.delete(
+      `/v1/snapshots/${safeSnapshotId}`,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+};
+
+// src/client/SharesManager.ts
+var SharesManager = class {
+  constructor(httpClient, local = false, getSessionId = () => null) {
+    this.httpClient = httpClient;
+    this.local = local;
+    this.getSessionId = getSessionId;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async create(payload) {
+    this.ensureCloud("Share creation");
+    const body = { ...payload };
+    if (!body.session_id && !body.vm_id) {
+      const sid = this.getSessionId();
+      if (!sid) {
+        throw new SessionError(
+          "Provide session_id/vm_id or create a session before creating a share."
+        );
+      }
+      body.session_id = sid;
+    }
+    return this.httpClient.post(
+      "/v1/shares",
+      body,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async update(shareId, payload) {
+    this.ensureCloud("Share update");
+    const safeShareId = encodePathSegment(shareId);
+    return this.httpClient.patch(
+      `/v1/shares/${safeShareId}`,
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+};
+
+// src/client/CustomDomainsManager.ts
+var CustomDomainsManager = class {
+  constructor(httpClient, local = false) {
+    this.httpClient = httpClient;
+    this.local = local;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async create(payload) {
+    this.ensureCloud("Custom domain creation");
+    return this.httpClient.post(
+      "/v1/custom-domains",
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async list() {
+    this.ensureCloud("Custom domain listing");
+    return this.httpClient.get(
+      "/v1/custom-domains",
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async health(domainId) {
+    this.ensureCloud("Custom domain health");
+    const safeDomainId = encodePathSegment(domainId);
+    return this.httpClient.get(
+      `/v1/custom-domains/${safeDomainId}/health`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async verify(domainId) {
+    this.ensureCloud("Custom domain verification");
+    const safeDomainId = encodePathSegment(domainId);
+    return this.httpClient.post(
+      `/v1/custom-domains/${safeDomainId}/verify`,
+      {},
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async delete(domainId) {
+    this.ensureCloud("Custom domain deletion");
+    const safeDomainId = encodePathSegment(domainId);
+    return this.httpClient.delete(
+      `/v1/custom-domains/${safeDomainId}`,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+};
+
+// src/client/ComputerUseManager.ts
+var ComputerUseManager = class {
+  constructor(httpClient, local = false) {
+    this.httpClient = httpClient;
+    this.local = local;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async viewerUrl(sessionId) {
+    this.ensureCloud("Computer-use viewer URL");
+    const safeSessionId = encodePathSegment(sessionId);
+    return this.httpClient.get(
+      `/v1/computeruse/${safeSessionId}/viewer-url`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async proxy(sessionId, path2, method = "GET", options = {}) {
+    this.ensureCloud("Computer-use proxy");
+    const safeSessionId = encodePathSegment(sessionId);
+    const cleanPath = encodePathSegments(path2);
+    return this.httpClient.request({
+      method,
+      url: `/v1/computeruse/${safeSessionId}/${cleanPath}`,
+      params: options.params,
+      data: options.body,
+      headers: { "X-API-Key": this.httpClient.apiKey }
+    });
+  }
+  async get(sessionId, path2, params) {
+    return this.proxy(sessionId, path2, "GET", { params });
+  }
+  async post(sessionId, path2, body) {
+    return this.proxy(sessionId, path2, "POST", { body });
+  }
+  async put(sessionId, path2, body) {
+    return this.proxy(sessionId, path2, "PUT", { body });
+  }
+  async patch(sessionId, path2, body) {
+    return this.proxy(sessionId, path2, "PATCH", { body });
+  }
+  async delete(sessionId, path2, params) {
+    return this.proxy(sessionId, path2, "DELETE", { params });
+  }
+  async options(sessionId, path2, params) {
+    return this.proxy(sessionId, path2, "OPTIONS", { params });
+  }
+  async head(sessionId, path2, params) {
+    return this.proxy(sessionId, path2, "HEAD", { params });
+  }
+  /**
+   * Get the VNC WebSocket URL for a computer-use session.
+   * Returns the URL to connect to; the actual connection requires a WebSocket client.
+   */
+  async vncWebsockify(sessionId) {
+    this.ensureCloud("Computer-use VNC websockify");
+    const safeSessionId = encodePathSegment(sessionId);
+    return this.httpClient.get(
+      `/v1/computeruse/${safeSessionId}/vnc/websockify`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+};
+
+// src/client/APIKeysManager.ts
+var APIKeysManager = class {
+  constructor(httpClient, local = false) {
+    this.httpClient = httpClient;
+    this.local = local;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async create(payload = {}) {
+    this.ensureCloud("API key creation");
+    return this.httpClient.post(
+      "/v1/api-keys/",
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async list() {
+    this.ensureCloud("API key listing");
+    return this.httpClient.get(
+      "/v1/api-keys/",
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async get(itemId) {
+    this.ensureCloud("API key lookup");
+    const safeItemId = encodePathSegment(itemId);
+    return this.httpClient.get(
+      `/v1/api-keys/${safeItemId}`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async update(itemId, payload) {
+    this.ensureCloud("API key update");
+    const safeItemId = encodePathSegment(itemId);
+    return this.httpClient.patch(
+      `/v1/api-keys/${safeItemId}`,
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async delete(itemId) {
+    this.ensureCloud("API key deletion");
+    const safeItemId = encodePathSegment(itemId);
+    return this.httpClient.delete(
+      `/v1/api-keys/${safeItemId}`,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+};
+
+// src/client/AuditManager.ts
+var AuditManager = class {
+  constructor(httpClient, local = false) {
+    this.httpClient = httpClient;
+    this.local = local;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async catalog() {
+    this.ensureCloud("Audit catalog");
+    return this.httpClient.get(
+      "/v1/audit/catalog",
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async events(query = {}) {
+    this.ensureCloud("Audit event listing");
+    return this.httpClient.get(
+      "/v1/audit/events",
+      query,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async getEvent(eventId) {
+    this.ensureCloud("Audit event lookup");
+    const safeEventId = encodePathSegment(eventId);
+    return this.httpClient.get(
+      `/v1/audit/events/${safeEventId}`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+};
+
+// src/client/WebhooksManager.ts
+var WebhooksManager = class {
+  constructor(httpClient, local = false) {
+    this.httpClient = httpClient;
+    this.local = local;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async createEndpoint(payload) {
+    this.ensureCloud("Webhook endpoint creation");
+    return this.httpClient.post(
+      "/v1/webhooks/endpoints",
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async listEndpoints() {
+    this.ensureCloud("Webhook endpoint listing");
+    return this.httpClient.get(
+      "/v1/webhooks/endpoints",
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async getEndpoint(endpointId) {
+    this.ensureCloud("Webhook endpoint lookup");
+    const safeEndpointId = encodePathSegment(endpointId);
+    return this.httpClient.get(
+      `/v1/webhooks/endpoints/${safeEndpointId}`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async updateEndpoint(endpointId, payload) {
+    this.ensureCloud("Webhook endpoint update");
+    const safeEndpointId = encodePathSegment(endpointId);
+    return this.httpClient.patch(
+      `/v1/webhooks/endpoints/${safeEndpointId}`,
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async deleteEndpoint(endpointId) {
+    this.ensureCloud("Webhook endpoint deletion");
+    const safeEndpointId = encodePathSegment(endpointId);
+    return this.httpClient.delete(
+      `/v1/webhooks/endpoints/${safeEndpointId}`,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async rotateSecret(endpointId) {
+    this.ensureCloud("Webhook secret rotation");
+    const safeEndpointId = encodePathSegment(endpointId);
+    return this.httpClient.post(
+      `/v1/webhooks/endpoints/${safeEndpointId}/rotate-secret`,
+      {},
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async sendTestEvent(endpointId) {
+    this.ensureCloud("Webhook test event");
+    const safeEndpointId = encodePathSegment(endpointId);
+    return this.httpClient.post(
+      `/v1/webhooks/endpoints/${safeEndpointId}/test`,
+      {},
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async verifyEndpoint(endpointId) {
+    this.ensureCloud("Webhook endpoint verification");
+    const safeEndpointId = encodePathSegment(endpointId);
+    return this.httpClient.post(
+      `/v1/webhooks/endpoints/${safeEndpointId}/verify`,
+      {},
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async listDeliveries(query = {}) {
+    this.ensureCloud("Webhook delivery listing");
+    return this.httpClient.get(
+      "/v1/webhooks/deliveries",
+      query,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async replayDelivery(deliveryId) {
+    this.ensureCloud("Webhook delivery replay");
+    const safeDeliveryId = encodePathSegment(deliveryId);
+    return this.httpClient.post(
+      `/v1/webhooks/deliveries/${safeDeliveryId}/replay`,
+      {},
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+};
+
+// src/client/VolumesManager.ts
+var import_fs = __toESM(require("fs"));
+var import_path9 = __toESM(require("path"));
 var import_form_data = __toESM(require("form-data"));
+var VolumesManager = class {
+  constructor(httpClient, local = false) {
+    this.httpClient = httpClient;
+    this.local = local;
+  }
+  ensureCloud(operation) {
+    if (this.local) {
+      throw new UnsupportedOperationError(
+        `${operation} is not supported in local mode.`
+      );
+    }
+  }
+  async create(payload) {
+    this.ensureCloud("Volume creation");
+    return this.httpClient.post(
+      "/v1/volumes",
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async list(refreshUsage = false) {
+    this.ensureCloud("Volume listing");
+    return this.httpClient.get(
+      "/v1/volumes",
+      { refresh_usage: refreshUsage },
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async get(volumeId, refreshUsage = false) {
+    this.ensureCloud("Volume lookup");
+    const safeVolumeId = encodePathSegment(volumeId);
+    return this.httpClient.get(
+      `/v1/volumes/${safeVolumeId}`,
+      { refresh_usage: refreshUsage },
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async update(volumeId, payload) {
+    this.ensureCloud("Volume update");
+    const safeVolumeId = encodePathSegment(volumeId);
+    return this.httpClient.patch(
+      `/v1/volumes/${safeVolumeId}`,
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async delete(volumeId) {
+    this.ensureCloud("Volume deletion");
+    const safeVolumeId = encodePathSegment(volumeId);
+    return this.httpClient.delete(
+      `/v1/volumes/${safeVolumeId}`,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async createCheckpoint(volumeId, payload = {}) {
+    this.ensureCloud("Volume checkpoint creation");
+    const safeVolumeId = encodePathSegment(volumeId);
+    return this.httpClient.post(
+      `/v1/volumes/${safeVolumeId}/checkpoints`,
+      payload,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async listCheckpoints(volumeId) {
+    this.ensureCloud("Volume checkpoint listing");
+    const safeVolumeId = encodePathSegment(volumeId);
+    return this.httpClient.get(
+      `/v1/volumes/${safeVolumeId}/checkpoints`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async deleteCheckpoint(volumeId, checkpointId) {
+    this.ensureCloud("Volume checkpoint deletion");
+    const safeVolumeId = encodePathSegment(volumeId);
+    const safeCheckpointId = encodePathSegment(checkpointId);
+    return this.httpClient.delete(
+      `/v1/volumes/${safeVolumeId}/checkpoints/${safeCheckpointId}`,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async uploadFile(volumeId, payload) {
+    this.ensureCloud("Volume file upload");
+    if (!payload.path || payload.path.trim().length === 0) {
+      throw new Error("payload.path is required");
+    }
+    const hasFilePath = typeof payload.filePath === "string" && payload.filePath.length > 0;
+    const hasFileContent = payload.fileContent !== void 0;
+    if (hasFilePath === hasFileContent) {
+      throw new Error("Provide exactly one of payload.filePath or payload.fileContent");
+    }
+    const safeVolumeId = encodePathSegment(volumeId);
+    const formData = new import_form_data.default();
+    if (hasFilePath) {
+      const sourcePath = payload.filePath;
+      const filename = payload.filename || import_path9.default.basename(sourcePath);
+      formData.append("file", import_fs.default.createReadStream(sourcePath), { filename });
+    } else {
+      const filename = payload.filename || "upload.bin";
+      const raw = payload.fileContent;
+      const buffer = Buffer.isBuffer(raw) ? raw : Buffer.from(raw);
+      formData.append("file", buffer, { filename });
+    }
+    formData.append("path", payload.path);
+    if (payload.overwrite !== void 0) {
+      formData.append("overwrite", String(payload.overwrite));
+    }
+    return this.httpClient.postFormData(
+      `/v1/volumes/${safeVolumeId}/files/upload`,
+      formData
+    );
+  }
+  async downloadFile(volumeId, path2) {
+    this.ensureCloud("Volume file download");
+    const safeVolumeId = encodePathSegment(volumeId);
+    const response = await this.httpClient.post(
+      `/v1/volumes/${safeVolumeId}/files/download`,
+      { path: path2 },
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+    return {
+      path: response.path,
+      filename: response.filename,
+      size: response.size,
+      content: Buffer.from(response.content || "", "base64")
+    };
+  }
+  async listFiles(volumeId, options = {}) {
+    this.ensureCloud("Volume file listing");
+    const safeVolumeId = encodePathSegment(volumeId);
+    return this.httpClient.get(
+      `/v1/volumes/${safeVolumeId}/files`,
+      {
+        prefix: options.prefix ?? "",
+        recursive: options.recursive ?? true,
+        limit: options.limit ?? 1e3
+      },
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  async deleteFile(volumeId, targetPath) {
+    this.ensureCloud("Volume file deletion");
+    const safeVolumeId = encodePathSegment(volumeId);
+    return this.httpClient.request({
+      method: "DELETE",
+      url: `/v1/volumes/${safeVolumeId}/files`,
+      params: { path: targetPath },
+      headers: { "X-API-Key": this.httpClient.apiKey }
+    });
+  }
+};
+
+// src/client/InstaVM.ts
+var import_form_data2 = __toESM(require("form-data"));
 var InstaVM = class {
   constructor(apiKey, options = {}) {
     this._sessionId = null;
+    this._vmUsed = false;
     this.local = options.local || false;
     this.timeout = options.timeout || 3e5;
+    this.memory_mb = options.memory_mb;
+    this.cpu_count = options.cpu_count;
+    this.metadata = options.metadata;
+    this.env = options.env;
     if (!this.local && !apiKey) {
       throw new AuthenticationError("API key is required for cloud mode");
     }
@@ -947,6 +1708,15 @@ var InstaVM = class {
     };
     this.httpClient = new HTTPClient(config);
     this.browser = new BrowserManager(this.httpClient, this.local);
+    this.vms = new VMsManager(this.httpClient, this.local);
+    this.snapshots = new SnapshotsManager(this.httpClient, this.local);
+    this.shares = new SharesManager(this.httpClient, this.local, () => this._sessionId);
+    this.customDomains = new CustomDomainsManager(this.httpClient, this.local);
+    this.computerUse = new ComputerUseManager(this.httpClient, this.local);
+    this.apiKeys = new APIKeysManager(this.httpClient, this.local);
+    this.audit = new AuditManager(this.httpClient, this.local);
+    this.webhooks = new WebhooksManager(this.httpClient, this.local);
+    this.volumes = new VolumesManager(this.httpClient, this.local);
   }
   /**
    * Ensure operation is not called in local mode
@@ -992,6 +1762,9 @@ var InstaVM = class {
       if (response.session_id) {
         this._sessionId = response.session_id;
       }
+      if (!this.local) {
+        this._vmUsed = true;
+      }
       return {
         stdout: response.stdout || "",
         stderr: response.stderr || "",
@@ -1035,6 +1808,7 @@ var InstaVM = class {
       if (response.session_id) {
         this._sessionId = response.session_id;
       }
+      this._vmUsed = true;
       return {
         taskId: response.task_id,
         status: response.status || "pending",
@@ -1106,7 +1880,7 @@ var InstaVM = class {
     if (!sessionId) {
       throw new SessionError("Session ID not set. Please create a session first using createSession().");
     }
-    const formData = new import_form_data.default();
+    const formData = new import_form_data2.default();
     for (const file of files) {
       if (Buffer.isBuffer(file.content)) {
         formData.append("files", file.content, file.name);
@@ -1148,10 +1922,26 @@ var InstaVM = class {
   async createSession() {
     this.ensureNotLocal("Session management");
     try {
-      const response = await this.httpClient.post("/v1/sessions/session", {
+      const requestBody = {
         api_key: this.httpClient.apiKey,
         vm_lifetime_seconds: Math.floor(this.timeout / 1e3)
-      });
+      };
+      if (this.memory_mb !== void 0) {
+        requestBody.memory_mb = this.memory_mb;
+      }
+      if (this.cpu_count !== void 0) {
+        requestBody.vcpu_count = this.cpu_count;
+      }
+      if (this.metadata !== void 0) {
+        requestBody.metadata = this.metadata;
+      }
+      if (this.env !== void 0) {
+        requestBody.env = this.env;
+      }
+      const response = await this.httpClient.post(
+        "/v1/sessions/session",
+        requestBody
+      );
       if (response.session_id) {
         this._sessionId = response.session_id;
         return response.session_id;
@@ -1202,6 +1992,49 @@ var InstaVM = class {
       return false;
     }
   }
+  /**
+   * Get the app URL for a session
+   *
+   * @param sessionId - Session ID (uses current session if not provided)
+   * @param port - Port to expose (1-65535, default: 80)
+   */
+  async getSessionAppUrl(sessionId, port) {
+    this.ensureNotLocal("Session app URL");
+    const targetSessionId = sessionId || this._sessionId;
+    if (!targetSessionId) {
+      throw new SessionError("Session ID not set. Please create a session first.");
+    }
+    const params = {};
+    if (port !== void 0) {
+      params.port = port;
+    }
+    return this.httpClient.get(
+      `/v1/sessions/app-url/${targetSessionId}`,
+      params,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
+  /**
+   * List sandbox records with optional filtering
+   *
+   * @param options.metadata - JSON-serializable metadata filters
+   * @param options.limit - Maximum number of results (1-1000, default: 100)
+   */
+  async listSandboxes(options = {}) {
+    this.ensureNotLocal("Sandbox listing");
+    const params = {};
+    if (options.metadata !== void 0) {
+      params.metadata = JSON.stringify(options.metadata);
+    }
+    if (options.limit !== void 0) {
+      params.limit = options.limit;
+    }
+    return this.httpClient.get(
+      "/v1/sessions/sandboxes",
+      params,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+  }
   /**
    * Get usage statistics for a session
    */
@@ -1265,11 +2098,185 @@ var InstaVM = class {
   get sessionId() {
     return this._sessionId;
   }
+  /**
+   * Kill the VM associated with a session
+   *
+   * @param sessionId - The session UUID whose VM should be killed. If not provided, uses current sessionId
+   * @returns Result containing success message and killed VM ID
+   */
+  async kill(sessionId) {
+    this.ensureNotLocal("VM kill operation");
+    const targetSessionId = sessionId || this._sessionId;
+    if (!targetSessionId) {
+      throw new SessionError("Session ID not set. Please provide a sessionId or start a session first.");
+    }
+    try {
+      const response = await this.httpClient.post(
+        "/kill",
+        { session_id: targetSessionId },
+        { "X-API-Key": this.httpClient.apiKey }
+      );
+      if (!sessionId && this._sessionId === targetSessionId) {
+        this._sessionId = null;
+      }
+      return response;
+    } catch (error) {
+      if (error instanceof Error && "statusCode" in error) {
+        const statusCode = error.statusCode;
+        if (statusCode === 403) {
+          throw new AuthenticationError("You don't own this session", { cause: error });
+        }
+        if (statusCode === 404) {
+          throw new SessionError("Session not found or no VM assigned to session (has execute() been called?)", { cause: error });
+        }
+      }
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      throw new SessionError(
+        `Failed to kill VM: ${errorMessage}`,
+        { cause: error }
+      );
+    }
+  }
+  // --- Egress Policy Methods ---
+  /**
+   * Set egress policy for a session
+   */
+  async setSessionEgress(options = {}, sessionId) {
+    this.ensureNotLocal("Egress policy management");
+    const targetSessionId = sessionId || this._sessionId;
+    if (!targetSessionId) {
+      throw new SessionError("Session ID not set. Please create a session first.");
+    }
+    const response = await this.httpClient.post(
+      `/v1/egress/session/${targetSessionId}`,
+      {
+        allow_public_repos: options.allowPackageManagers ?? true,
+        allow_http: options.allowHttp ?? true,
+        allow_https: options.allowHttps ?? true,
+        allowed_domains: options.allowedDomains ?? [],
+        allowed_cidrs: options.allowedCidrs ?? []
+      },
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+    return response;
+  }
+  /**
+   * Get egress policy for a session
+   */
+  async getSessionEgress(sessionId) {
+    this.ensureNotLocal("Egress policy management");
+    const targetSessionId = sessionId || this._sessionId;
+    if (!targetSessionId) {
+      throw new SessionError("Session ID not set. Please create a session first.");
+    }
+    const response = await this.httpClient.get(
+      `/v1/egress/session/${targetSessionId}`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+    return {
+      allowPackageManagers: response.allow_public_repos,
+      allowHttp: response.allow_http,
+      allowHttps: response.allow_https,
+      allowedDomains: response.allowed_domains || [],
+      allowedCidrs: response.allowed_cidrs || []
+    };
+  }
+  /**
+   * Set egress policy for a specific VM
+   */
+  async setVmEgress(vmId, options = {}) {
+    this.ensureNotLocal("Egress policy management");
+    const response = await this.httpClient.post(
+      `/v1/egress/vm/${vmId}`,
+      {
+        allow_public_repos: options.allowPackageManagers ?? true,
+        allow_http: options.allowHttp ?? true,
+        allow_https: options.allowHttps ?? true,
+        allowed_domains: options.allowedDomains ?? [],
+        allowed_cidrs: options.allowedCidrs ?? []
+      },
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+    return response;
+  }
+  /**
+   * Get egress policy for a specific VM
+   */
+  async getVmEgress(vmId) {
+    this.ensureNotLocal("Egress policy management");
+    const response = await this.httpClient.get(
+      `/v1/egress/vm/${vmId}`,
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+    return {
+      allowPackageManagers: response.allow_public_repos,
+      allowHttp: response.allow_http,
+      allowHttps: response.allow_https,
+      allowedDomains: response.allowed_domains || [],
+      allowedCidrs: response.allowed_cidrs || []
+    };
+  }
+  // --- SSH Key Methods ---
+  /**
+   * Add an SSH public key
+   */
+  async addSshKey(publicKey) {
+    this.ensureNotLocal("SSH key management");
+    const response = await this.httpClient.post(
+      "/v1/ssh-keys",
+      { public_key: publicKey },
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+    return {
+      id: response.id,
+      fingerprint: response.fingerprint,
+      keyType: response.key_type,
+      comment: response.comment ?? null,
+      createdAt: response.created_at
+    };
+  }
+  /**
+   * List all active SSH keys
+   */
+  async listSshKeys() {
+    this.ensureNotLocal("SSH key management");
+    const response = await this.httpClient.get(
+      "/v1/ssh-keys",
+      void 0,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+    const keys = response.keys || [];
+    return keys.map((k) => ({
+      id: k.id,
+      fingerprint: k.fingerprint,
+      keyType: k.key_type,
+      comment: k.comment ?? null,
+      createdAt: k.created_at
+    }));
+  }
+  /**
+   * Delete an SSH key by ID
+   */
+  async deleteSshKey(keyId) {
+    this.ensureNotLocal("SSH key management");
+    const response = await this.httpClient.delete(
+      `/v1/ssh-keys/${keyId}`,
+      { "X-API-Key": this.httpClient.apiKey }
+    );
+    return response;
+  }
   /**
    * Clean up resources
    */
   async dispose() {
-    if (this._sessionId) {
+    if (this._sessionId && !this.local && this._vmUsed) {
+      try {
+        await this.kill();
+      } catch (e) {
+      }
+    } else if (this._sessionId) {
       await this.closeSession();
     }
     await this.browser.dispose();
@@ -1277,6 +2284,8 @@ var InstaVM = class {
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  APIKeysManager,
+  AuditManager,
   AuthenticationError,
   BrowserError,
   BrowserInteractionError,
@@ -1285,6 +2294,8 @@ var InstaVM = class {
   BrowserSession,
   BrowserSessionError,
   BrowserTimeoutError,
+  ComputerUseManager,
+  CustomDomainsManager,
   ElementNotFoundError,
   ExecutionError,
   InstaVM,
@@ -1293,6 +2304,11 @@ var InstaVM = class {
   QuotaExceededError,
   RateLimitError,
   SessionError,
-  UnsupportedOperationError
+  SharesManager,
+  SnapshotsManager,
+  UnsupportedOperationError,
+  VMsManager,
+  VolumesManager,
+  WebhooksManager
 });
 //# sourceMappingURL=index.js.map